On Jul 7, 2013, at 11:09 AM, zooko <[email protected]> wrote: > Oh, there are some potential security problems, too, with Twisted Web! In its > default configuration it offers to use single-DES for encryption, which is a > bad idea even though it isn't clear (to me) whether an attacker could take > advantage of that. > > http://twistedmatrix.com/trac/ticket/5514 > > It also has compression turned on, apparently, which could lead to a > vulnerability in very specific circumstances (called "CRIME"), and it by > default supports RC4, which has recently been condemned by cryptographers as > potentially unsafe. > > Also, it does not, at least with default configuration, support forward > secrecy.
As far as I understand it, these are all just bad defaults that Twisted inherits from OpenSSL, and whoever built your particular OpenSSL. (I'm pretty sure there are compile-time options for OpenSSL to not include DES, or at least to disable it by default.) That's not to say that we shouldn't offer *better* defaults, but Twisted is not a cryptography library, and for better or worse we rely on OpenSSL's judgement because it's currently the only crypto library we support. Twisted should have a better cipher-suite defaults and some better command-line options for 'twistd web' (probably in the form of better options for the SSL string endpoint syntax) for modifying those defaults if the user has a good reason to. But really, it would be nicer to just defer to the judgement of a transport layer security library that has *good* judgement about defaults rather than re-hashing every questionable decision that OpenSSL makes. -glyph
_______________________________________________ Twisted-web mailing list [email protected] http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-web
